Coordinated GitHub API enumeration and access token abuse
19h ago
Source
DatadogCoordinated GitHub API enumeration and access token abusedatadoghq.comDatadog Security Research has tracked multiple coordinated campaigns enumerating GitHub organizations, repositories, and users through the public GitHub API, abusing leaked access tokens, and cloning private repositories.
You might also wanna read
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data
thehackernews.com·1d ago
Study finds 5,673 compromised Android signing keys on GitHub affecting over 10 billion users
This paper presents a longitudinal study on Android app signing key protection, revealing systemic risks from developer-managed credentials.
GitHub introduces workflow execution protections to control who can trigger Actions
GitHub has introduced Workflow Execution Protections in public preview for GitHub Enterprise, organizations, and repositories. This feature
Researchers repeatedly leak UK Biobank participant health data on public GitHub repositories
UK Biobank, which holds genetic and health data on 500,000 British volunteers, has been repeatedly finding that researchers accidentally upl
Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection
BackBox.org·8h ago
API Radar Launches Enhanced Service for Detecting Leaked API Keys in GitHub Repositories
API Radar launches a new version of its Live Feed of Leaked API Keys service that continuously discovers exposed API keys in public GitHub r

Comments
Sign in to join the conversation.
No comments yet. Be the first.